BitMEX exchange, has revealed what caused a downtime in their network last week amid the crypto market bear run. The company’s CTO, Samuel Reed, updated stakeholders via his twitter handle noting that a botnet had compromised the system;
So here's what we know so far: on Mar 13 at both 02:15 UTC and 12:56 UTC, we came under attack from a botnet that appears to have been probing the system for some time. This botnet was also responsible for an attack on Feb 15.
— Samuel Reed (@STRML_) March 16, 2020
The tweet was a response to an earlier post by BitMEX founder, Arthur Hayes, who had acknowledged concerns by users. Hayes highlighted that they are working to address the questions in a transparent manner over the coming days.
The BitMEX Botnet Attack
According to Reed, this botnet had made similar attempts on BitMEX’s ecosystem back in February. However, it was not successful given the exchange deployed its DDoS mitigation approach that have been effective for L3 & L4 attacks.
The attackers appear to have resurfaced on March 13th and their impact was felt this time coinciding with the market slump. Reed pointed out that the botnet compromised BitMEX through an end point that was consistently, reliably slow. This slow query was however identified after the second attack and has since been fixed as per the twitter thread;
“We're making systemic changes on our backend to ensure this can't happen again, and re-reviewing older systems to simplify, de-couple, isolate, and improve performance.”
On the brighter side, some crypto analysts have said that BitMEX’s operational halt prevented BTC from dipping further down to historic lows. BitMEX had earlier on attributed its network malfunction to hardware issues by one of its cloud providers but this position has gradually changed. Reed, the firm’s CTO, mentioned that they will continue to document any technical advances made within this area.